Designing Software from Formal Specifications

MacDonald , Anthony John

Unknown Date

This thesis investigates the process of designing software from formal specifications, in particular, specifications expressed in the Z notation. The initial phases of software design have significant impact on software quality and the transition from formal specification to design is not clearly understood. There is often no visible or obvious connection between the specification and the finished design. It is possible to add traceability with either verification or refinement, but I wish to understand and guide the design process. Investigating the design of software from formal specifications highlighted possible relationships between parts of the specification and parts of the design. A design strategy is introduced, that combines software architectural styles and formal specifications to influence the generated design. The design process is architecturally-specific, but a template for instantiating the design process to a chosen architectural style is presented. Specializations of the template are presented for the ADT-based architectural style and the event-based architectural style. These specializations of the template produce an architecturally-constrained, specification-influenced design process. Providing an architecturally-constrained, specification-influenced design process enables the software designer to produce better quality software. The constrained design process allows the designer to focus on the difficult aspects of design: understanding the problem, choosing the best abstractions, and finding a suitable solution.

Software Design

Formal Specifications

Software Architecture

Patterns

The formal specification of the Tees Confidentiality Model

Howitt, Anthony

January 2008

This thesis reports an investigation into authorisation models, as used in identity and access management. It proposes new versions of an authorisation model, the Tees Confidentiality Model (TCM), and presents formal specifications in B, and verifications and implementations of the key concepts using Spec Explorer, Spec# and LinQ. After introducing the concepts of authorisation and formal models, a formal methods specification in B of Role Based Access Control (RBAC) is presented. The concepts in RBAC have heavily influenced authorisation over the last two decades, and most of the research has been with their continued development. A complete re-working of the ANSI RBAC Standard is developed in B, which highlights errors and deficiencies in the ANSI Standard and confirms that B is a suitable method for the specification of access control. A formal specification of the TCM in B is then developed. The TCM supports authorisation by multiple concepts, with no extra emphasis given to Role (as in RBAC). The conceptual framework of Reference Model and Functional Specification used in the ANSI RBAC Standard is used to structure the TCM formal model. Several improvements to the original TCM are present in the formal specification, notably a simplified treatment of collections. This new variation is called TCM2, to distinguish it from the original model. Following this, a further B formal specification of a TCM reduced to its essential fundamental components (referred to as TCM3) was produced. Spec Explorer was used to animate this specification, and as a step towards implementation An implementation of TCM3 using LinQ and SQL is then presented, and the original motivating healthcare scenario is used as an illustration. Finally, classes to implement the versions of the TCM models developed in the thesis are designed and implemented. These classes enable the TCM to be implemented in any authorisation scenario. Throughout the thesis, model explorations, animations, and implementations are illustrated by SQL, C# and Spec# code fragments. These illustrate the correspondence of the B specification to the model design and implementation, and the effectiveness of using formal specification to provide robust code.

004

Unit testing database applications using SpecDB: A database of software specifications

Mikhail, Rana Farid

01 June 2006

In this dissertation I introduce SpecDB, a database created to represent and host software specifications in a machine-readable format. The specifications represented in SpecDB are for the purpose of unit testing database operations. A structured representation aids in the processes of both automated software testing and software code generation, based on the actual software specifications. I describe the design of SpecDB, the underlying database that can hold the specifications required for unit testing database operations.Specifications can be fed directly into SpecDB, or, if available, the formal specifications can be translated to the SpecDB representation. An algorithm that translates formal specifications to the SpecDB representation is described. The Z formal specification language has been chosen as an example for the translation algorithm. The outcome of the translation algorithm is a set of machine-readable formal specifications.To demonstrate the use of Sp ecDB, two automated tools are presented. The first automatically generates database constraints from represented business rules in SpecDB. This constraint generator gives the advantage of enforcing some business rules at the database level for better data quality. The second automated application of SpecDB is a reverse engineering tool that logs the actual execution of the program from the code. By Automatically comparing the output of this tool to the specifications in SpecDB, errors of commission are highlighted that might otherwise not be identified. Some errors of commission including coding unspecified behavior together with correct coding of the specifications cannot be discovered through black box testing techniques, since these techniques cannot observe what other modifications or outputs have happened in the background. For example, black box, functional testing techniques cannot identify an error if the software being tested produced the correct specified output but mor e over, sent classified data to insecure locations. Accordingly, the decision of whether a software application passed a test depends on whether it coded all the specifications and only the specifications for that unit. Automated tools, using the reverse engineering application introduced in this dissertation, can thus automatically make the decision whether the software passed a test or not based on the provided specifications.

Software Testing

Formal specifications

Reverse engineering

Automated code

Constraint generation

American Studies

Arts and Humanities

Agregatinių specifikacijų interaktyvus redagavimas ir imitacinis modeliavimas / Interactive edit of PLA specifications and simulation modeling

Bakanas, Aivaras

25 May 2005

PLA method can be used to formally specify systems. Systems specifications are written as text, what is exhaustive and understandable, but unfortunately are not visual, and user can’t quickly acquaintance with the formalized system. This article presents a way to represent aggregates specifications visually, which eases an acquaintance with specification. This article also presents a software tool to visually design formal specifications.

Informatics Engineering

Specification

Agregatinė specifikacija

UML

PLA

PLA-CA

Simulation

Formal specifications

Imitacinis modeliavimas

Automatizuotas formalių PLA specifikacijų sudarymas ir interaktyvusis redagavimas / Automated creation and interactive editing of PLA specifications

Šuklevičius, Gediminas

10 July 2008

PLA (Atkarpomis tiesinių agregatų) formalizavimo metodas gali būti naudojamas sistemų formalių specifikacijų sudarinėjimui. Sistemų formalios specifikacijos gali būti užrašomos tekstiniu pavidalu, tačiau tai yra labai varginantis procesas, ko pasėkoje gautas rezultatas yra vaizdiniai neinformatyvus ir vartotojai negali lengvai perprasti sistemos specifikacijos. Šiame dokumente pateikiamas būdas vizualiai ir pakankamai lengvai užrašyti sistemų formalias specifikacijas naudojant PLA formalizavimo metodą. Šiame dokumente taip pat pristatomas grafinis redaktorius – sudėtingų formalių specifikacijų integruotos analizės automatizavimo sistemos posistemė, skirta agregatinių specifikacij�� kūrimui ir redagavimui. / PLA method can be used to formally specify systems. Systems specifications are written as text, what is exhaustive and understandable, but unfortunately are not visual, and user can’t quickly acquaintance with the formalized system. This article presents a way to visually and quite easily write systems specifications using PLA formalization method. This article also presents a software tool to accomplish this task. That’s graphical editor – a subsystem of a formal complex systems integrated analysis automatization system (FSA).

Informatics Engineering

PLA

Formali specifikacija

PLA specifikacijų redagavimas

PLA

Formal specifications

PLA specification editing

ADEPT a tool to support the formal analysis of software design /

Campbell, Sherrie L.

January 2009

Title from first page of PDF document. Includes bibliographical references (p. Xx-Xx).

Synthesis of Specifications and Refinement Maps for Real-Time Object Code Verification

Al-Qtiemat, Eman Mohammad

January 2020

Formal verification methods have been shown to be very effective in finding corner-case bugs and ensuring the safety of embedded software systems. The use of formal verification requires a specification, which is typically a high-level mathematical model that defines the correct behavior of the system to be verified. However, embedded software requirements are typically described in natural language. Transforming these requirements into formal specifications is currently a big gap. While there is some work in this area, we proposed solutions to address this gap in the context of refinement-based verification, a class of formal methods that have shown to be effective for embedded object code verification. The proposed approach also addresses both functional and timing requirements and has been demonstrated in the context of safety requirements for software control of infusion pumps. The next step in the verification process is to develop the refinement map, which is a mapping function that can relate an implementation state (in this context, the state of the object code program to be verified) with the specification state. Actually, constructing refinement maps often requires deep understanding and intuitions about the specification and implementation, it is shown very difficult to construct refinement maps manually. To go over this obstacle, the construction of refinement maps should be automated. As a first step toward the automation process, we manually developed refinement maps for various safety properties concerning the software control operation of infusion pumps. In addition, we identified possible generic templates for the construction of refinement maps. Recently, synthesizing procedures of refinement maps for functional and timing specifications are proposed. The proposed work develops a process that significantly increases the automation in the generation of these refinement maps. The refinement maps can then be used for refinement-based verification. This automation procedure has been successfully applied on the transformed safety requirements in the first part of our work. This approach is based on the identified generic refinement map templates which can be increased in the future as the application required.

critical systems

formal specifications

formal verification

model checking

refinement maps

refinement-based verification

ADEPT: A Tool to Support the Formal Analysis of Software Design

Campbell, Sherrie L.

14 August 2009

No description available.

Computer Science

Software Design

Formal Methods

Design Methodology

Design Patterns

Formal Specifications

Framework formal para composição automática de serviços em sistemas de internet das coisas. / Formal framework for automatic service composition in internet of things system.

Silva, André Luís Meneses

01 March 2018

É cada vez mais notável o desenvolvimento da indústria micro-eletrônica. A criação de dispositivos eletrônicos menores, que apresentam maior autonomia de energia, aliados ao aumento do poder de processamento, armazenamento e comunicação sem fio de alta velocidade favoreceram o surgimento e disseminação de novas tecnologias e paradigmas, dentre elas a Internet das Coisas (IoT). Do ponto de vista tecnológico, IoT é uma rede de objetos físicos que possuem tecnologia embarcada de sensoriamento e atuação. Agências de consultoria empresarial, tais como a McKinsey & Company, afirmam que IoT apresenta valor de mercado bilionário e poderá ultrapassar a casa dos trilhões antes de 2020. Dessa forma, o mercado de IoT vem se apresentando como um dos mercados mais promissores para os próximos anos. Alguns dos problemas que podem postergar este crescimento são os problemas decorrentes da dificuldade de integração e escalabilidade das aplicações de IoT. Em IoT, problemas de interoperabilidade são corriqueiros, seja pela alta diversidade de dispositivos empregados, seja pela incompatibilidade entre fabricantes. Em relação a escalabilidade, sistemas de IoT possuem uma demanda natural por alta escala, visto que buscam atender demandas comuns a vários setores, seja na indústria, transporte, domótica, segurança pública, comércio, entre outros. Este trabalho apresenta uma solução para esses problemas através do SWoTPAD, um framework formal que auxilia o projetista no desenvolvimento de soluções para IoT. SWoTPAD oferece uma linguagem para especificar dispositivos e serviços, descrever o ambiente e realizar requisições. Adicionalmente, ele gera o módulo de descoberta, composição automática de serviços e execução. Aplicações SWoTPAD são facilmente integráveis, pois usam e estendem um mesmo conjunto de ontologias, o que garante a compatibilidade nos dados gerados e consumidos por essas aplicações. A escalabilidade advém da associação de anotações semânticas a cada um dos elementos que compõem a aplicação de IoT. Essas anotações permitem ao SWoTPAD descobrir, classificar, selecionar e compor automaticamente serviços do ambiente. Dessa forma, SWoTPAD pode procurar por soluções alternativas, quando o serviço original apto a atender uma determinada demanda se encontra sobrecarregado ou indisponível. Para validação do framework, foram adotados dois estudos de caso. O primeiro deles, o problema de implantação de serviços em um ambiente de nuvem, e o segundo, uma aplicação de segurança residencial. O estudo de caso demonstrou que é possível desenvolver aplicações completas de IoT no framework proposto. Adicionalmente, o mecanismo de composição automática gerado pelo framework para essas aplicações apresenta uma piora média de 45% de desempenho quando comparado à composição manual. / The development of the micro-electronics industry is becoming more and more remarkable. The creation of smaller electronic devices, with higher degree of autonomy, processing, storage, and wireless communication favor the emergence and dissemination of new technologies and paradigms, such as the Internet of Things (IoT ). From the technological point of view, IoT is a network of physical objects that have embedded technology of sensing and actuation. McKinsey & Company says the IoT market is already reaching billionaire numbers and may exceed the trillions by 2020. Thus, the IoT market is proving to be one of the most promising markets in the next years. Problems that can delay this growth come from the difficulty of integration and scalability of IoT applications. In IoT, interoperability problems are common, either because of the high diversity of devices used, or because of the incompatibility between manufacturers. Regarding scalability, IoT systems have a natural demand for high scale, since they seek to meet common demands in various sectors, be it in industry, transportation, home automation, public safety, commerce, among others. This work solves these problems through SWoTPAD, a formal framework that assists the designer in developing solutions for IoT. SWoTPAD provides a language for specifying devices and services, describing the environment, and performing requests. Additionally, it generates the discovery, automatic service composition, and execution module. SWoTPAD applications are easily integrable, since they use and extend the same set of ontologies, which guarantees compatibility in the data generated and consumed by these applications. Scalability comes from the association of semantic annotations to each of the elements that compose the IoT application. These annotations allow SWoTPAD to discover, rank, select, and automatically compose services. In this way, SWoTPAD can search for alternative solutions, when the original service able to meet a particular demand is overloaded or unavailable. Two case studies were developed for validation of the framework. The first one, the problem of deploying services in a cloud environment, and the second, a home security system. The case study demonstrated that it is possible to develop complete IoT applications in the proposed framework. Also, the automatic service composition module generated by SWoTPAD for these applications has a mean worsening of 45 % of performance when compared to the manual composition.

Engenharia de conhecimento

Especificação formal

Formal specifications

Frameworks

Intelligent systems

Internet das coisas

Internet of things

Knowledge engineering

Sistemas inteligentes

Framework formal para composição automática de serviços em sistemas de internet das coisas. / Formal framework for automatic service composition in internet of things system.

André Luís Meneses Silva

01 March 2018

É cada vez mais notável o desenvolvimento da indústria micro-eletrônica. A criação de dispositivos eletrônicos menores, que apresentam maior autonomia de energia, aliados ao aumento do poder de processamento, armazenamento e comunicação sem fio de alta velocidade favoreceram o surgimento e disseminação de novas tecnologias e paradigmas, dentre elas a Internet das Coisas (IoT). Do ponto de vista tecnológico, IoT é uma rede de objetos físicos que possuem tecnologia embarcada de sensoriamento e atuação. Agências de consultoria empresarial, tais como a McKinsey & Company, afirmam que IoT apresenta valor de mercado bilionário e poderá ultrapassar a casa dos trilhões antes de 2020. Dessa forma, o mercado de IoT vem se apresentando como um dos mercados mais promissores para os próximos anos. Alguns dos problemas que podem postergar este crescimento são os problemas decorrentes da dificuldade de integração e escalabilidade das aplicações de IoT. Em IoT, problemas de interoperabilidade são corriqueiros, seja pela alta diversidade de dispositivos empregados, seja pela incompatibilidade entre fabricantes. Em relação a escalabilidade, sistemas de IoT possuem uma demanda natural por alta escala, visto que buscam atender demandas comuns a vários setores, seja na indústria, transporte, domótica, segurança pública, comércio, entre outros. Este trabalho apresenta uma solução para esses problemas através do SWoTPAD, um framework formal que auxilia o projetista no desenvolvimento de soluções para IoT. SWoTPAD oferece uma linguagem para especificar dispositivos e serviços, descrever o ambiente e realizar requisições. Adicionalmente, ele gera o módulo de descoberta, composição automática de serviços e execução. Aplicações SWoTPAD são facilmente integráveis, pois usam e estendem um mesmo conjunto de ontologias, o que garante a compatibilidade nos dados gerados e consumidos por essas aplicações. A escalabilidade advém da associação de anotações semânticas a cada um dos elementos que compõem a aplicação de IoT. Essas anotações permitem ao SWoTPAD descobrir, classificar, selecionar e compor automaticamente serviços do ambiente. Dessa forma, SWoTPAD pode procurar por soluções alternativas, quando o serviço original apto a atender uma determinada demanda se encontra sobrecarregado ou indisponível. Para validação do framework, foram adotados dois estudos de caso. O primeiro deles, o problema de implantação de serviços em um ambiente de nuvem, e o segundo, uma aplicação de segurança residencial. O estudo de caso demonstrou que é possível desenvolver aplicações completas de IoT no framework proposto. Adicionalmente, o mecanismo de composição automática gerado pelo framework para essas aplicações apresenta uma piora média de 45% de desempenho quando comparado à composição manual. / The development of the micro-electronics industry is becoming more and more remarkable. The creation of smaller electronic devices, with higher degree of autonomy, processing, storage, and wireless communication favor the emergence and dissemination of new technologies and paradigms, such as the Internet of Things (IoT ). From the technological point of view, IoT is a network of physical objects that have embedded technology of sensing and actuation. McKinsey & Company says the IoT market is already reaching billionaire numbers and may exceed the trillions by 2020. Thus, the IoT market is proving to be one of the most promising markets in the next years. Problems that can delay this growth come from the difficulty of integration and scalability of IoT applications. In IoT, interoperability problems are common, either because of the high diversity of devices used, or because of the incompatibility between manufacturers. Regarding scalability, IoT systems have a natural demand for high scale, since they seek to meet common demands in various sectors, be it in industry, transportation, home automation, public safety, commerce, among others. This work solves these problems through SWoTPAD, a formal framework that assists the designer in developing solutions for IoT. SWoTPAD provides a language for specifying devices and services, describing the environment, and performing requests. Additionally, it generates the discovery, automatic service composition, and execution module. SWoTPAD applications are easily integrable, since they use and extend the same set of ontologies, which guarantees compatibility in the data generated and consumed by these applications. Scalability comes from the association of semantic annotations to each of the elements that compose the IoT application. These annotations allow SWoTPAD to discover, rank, select, and automatically compose services. In this way, SWoTPAD can search for alternative solutions, when the original service able to meet a particular demand is overloaded or unavailable. Two case studies were developed for validation of the framework. The first one, the problem of deploying services in a cloud environment, and the second, a home security system. The case study demonstrated that it is possible to develop complete IoT applications in the proposed framework. Also, the automatic service composition module generated by SWoTPAD for these applications has a mean worsening of 45 % of performance when compared to the manual composition.

Engenharia de conhecimento

Especificação formal

Frameworks

Internet das coisas

Sistemas inteligentes

Formal specifications

Intelligent systems

Internet of things

Knowledge engineering